Read this

Microsoft has confirmed Azure Services are pretty much immune to the Heartbleed OpenSSL bug, except for customers running Linux images in its cloud. Google, Amazon, Rackspace, Joyant, and others have clarified which of their services are affected, and which are in the clear.

iOS and OS X users can breathe a sigh of relief with the knowledge that their devices are not affected by the catastrophic OpenSSL Heartbleed security flaw — but if they're using BBM for really private messages on iOS they might want to stop right now.

Apple products don't suffer from the bug that has prompted a fair chunk of the internet to race out patches to fix web servers, security hardware, routers and other products that relied on the OpenSSL implementation of the SSL/TLS standard for secured web communications.

By contrast, Heartbleed puts at risk pretty much anything that was protected by OpenSSL encryption, including passwords, private keys, and other sensitive details such as credit card details. (As noted by a commenter, iOS and OSX users may still be affected by an attack on a vulnerable server.)

In other words, even a small cut of that could still amount to a very large number of Android devices that need patching — and when it comes to patching, Google's Android partners haven't had a good track record for rushing them out.

Microsoft yesterday confirmed Azure was unaffected by the bug and that Windows comes with Microsoft's own encryption component called Secure Channel, aka SChannel.

However, cloud giant Amazon confirmed it was affected, which has had an impact on anyone that used ELB, EC2, OpsWorks, Elastic Beanstalk, and CloudFront.

Mozilla announced on Wednesday that its federated identity authentication project, Persona, and Firefox Account were affected by Heartbleed. Their servers ran in AWS while encrypted TLS connections terminated on AWS ELB using OpenSSL.